Over the years I've worked with a number of companies and what has become obvious to me is that - it is rare that a company knowingly pirates software.
So, how do so many companies become non-compliant on their software agreements?
1) Lack of proper processes (and adherence to those processes) for software acquisition, deployment and retirement.
2) Lack of a good asset inventory tool that will accurately and easily report on what is installed.
3) Lack of records of what is owned.
4) Misconception or lack of knowledge of product use rights.
5) Misconception or lack of knowledge of volume licensing agreement rights.
Of all of these, I find the last two to be the most universal and it's a combination of misconception and lack of knowledge. Of the two I find misconception the most dangerous...because the company thinks that they're doing things right so they never ask for help.
How do the misconceptions happen? Generally, through outdated knowledge or guesswork.
Some things to be aware of:
1) Different use rights exist for different versions as well as different forms of acquisition.
For example, Microsoft 2007 software (Office, Server, Operating System) acquired OEM normally does not allow for downgrade; however, if acquired through Open, Select or Enterprise it normally does allow for downgrade. This was not always the case, in the past it had been allowed...was it allowed when you did it? Reference - http://download.microsoft.com/download/d/2/3/d23b9533-169d-4996-b198-7b9d3fe15611/downgrade_chart.doc). How were you planning to handle those OEM Office 2007 that are coming in the door? Were you going to downgrade those to 2003 until you're ready to upgrade?
2) Test and Development servers need to comply with product use rights same as Production.
3) Your Developers may have the "Professional" version of the software for development purposes but not be licensed for those for business use - be careful what's being installed on their production machines.
4) Vendors selling you a solution dependent upon another companies technology may not always provide you with full/accurate information about the licensing requirements...do your homework.
5) Client Access Licenses - in general if you're using the resources of a server, you need some form of client license for each user/device. Watch this carefully, it's the most common problem we find.
Just to name a few...
So, how do you keep up and still do your job? Frankly, you don't. You bring in professionals to educate you and provide you with documentation from the publisher supporting that education (do not rely on anything else...if a problem comes up, you're the one holding the bag) which you retain in a centralized location until those licenses (and their future upgrades) are no longer in use.
Questions? Comments? Would love to see them...
Thursday, September 13, 2007
Tuesday, July 31, 2007
Software Asset Management – Luxury or Necessity?
I was speaking with a friend to day who asked me the question…is what you do a necessity or a luxury? I immediately responded that SAM is a necessity – but at the same time it made me really think about his question and about why he was asking it.
He’s a mortgage broker – and if you’ve watched the news at all, you know that there is a lot of pain going on in that industry. However; there is a lot of pain going on in a lot of industries right now, which is why he asked the question. If you think about it, while SAM is always important and there are always significant business reasons to do it – when things are tough financially and operationally it makes it even more important.
You can look at the figures all over and you will constantly see evidence that SAM saves companies around 30% on software costs in year one and about 10% on an annual basis. When you factor in the soft dollar savings on increased operational efficiency the savings go up dramatically. I know these numbers to be true based upon the results our clients have seen.
You could make the argument that while SAM is important, companies don’t need to hire consultants to do it for them so the hiring of a firm such as ours could be considered a luxury. True, companies can do it themselves…but unless you’re going to invest the time, money and energy to train someone within your organization to become a SAM expert – you will probably expend a fair amount of personnel time and then turn around and hire a professional when you don’t get the results you’re expecting.
Implementing a SAM program frequently involves a lot of esoteric knowledge – knowledge that is not necessary for ongoing maintenance but is necessary to provide the accurate evaluation of the current license and process status. Hire a professional to set up your program – let them put their expertise to work for you and train your staff on what it will take to maintain the program going forward.
So, unless you’re not going to buy software – SAM becomes even more important to you in lean times as it saves you considerable money, and hiring a professional to set up your program allows you to leverage their historical knowledge and expertise while at the same time ensuring that your staff only has to learn the pertinent information to maintain your program.
Has your company established a SAM program? Did you do it yourself or hire a professional? What was the outcome?
He’s a mortgage broker – and if you’ve watched the news at all, you know that there is a lot of pain going on in that industry. However; there is a lot of pain going on in a lot of industries right now, which is why he asked the question. If you think about it, while SAM is always important and there are always significant business reasons to do it – when things are tough financially and operationally it makes it even more important.
You can look at the figures all over and you will constantly see evidence that SAM saves companies around 30% on software costs in year one and about 10% on an annual basis. When you factor in the soft dollar savings on increased operational efficiency the savings go up dramatically. I know these numbers to be true based upon the results our clients have seen.
You could make the argument that while SAM is important, companies don’t need to hire consultants to do it for them so the hiring of a firm such as ours could be considered a luxury. True, companies can do it themselves…but unless you’re going to invest the time, money and energy to train someone within your organization to become a SAM expert – you will probably expend a fair amount of personnel time and then turn around and hire a professional when you don’t get the results you’re expecting.
Implementing a SAM program frequently involves a lot of esoteric knowledge – knowledge that is not necessary for ongoing maintenance but is necessary to provide the accurate evaluation of the current license and process status. Hire a professional to set up your program – let them put their expertise to work for you and train your staff on what it will take to maintain the program going forward.
So, unless you’re not going to buy software – SAM becomes even more important to you in lean times as it saves you considerable money, and hiring a professional to set up your program allows you to leverage their historical knowledge and expertise while at the same time ensuring that your staff only has to learn the pertinent information to maintain your program.
Has your company established a SAM program? Did you do it yourself or hire a professional? What was the outcome?
Thursday, June 21, 2007
What's an acceptable "out of compliance" number?
I was privy to an interesting conversation a few weeks ago...the topic was "What level of non-compliance is acceptable?". Basically the basis for the discussion was that being illegal on some licenses was to be expected but at what level does it become an issue.
Before jumping into all sorts of morality issues, I'll stop myself and instead put this in the context of...assuming it will cost me money to prove every single license, is there a point at which I can say "under this amount is not worth the cost"?
Now, morally I don't feel there is a number greater than zero that can be acceptable. If you can't prove licensing for a single product, you owe it to yourself and the publisher who invested their time and resources into its creation to buy the product (and then keep better records).
Getting off my moral high horse I will point out that running even a single copy of software that you can't prove licensing for is a risk to you and your organization. As with any risk to your organization, your organizations risk assessment framework should address this topic for you. But remember - you can't manage what you don't know and you can't apply a risk assessment if you don't have the details!
What are your thoughts?
Before jumping into all sorts of morality issues, I'll stop myself and instead put this in the context of...assuming it will cost me money to prove every single license, is there a point at which I can say "under this amount is not worth the cost"?
Now, morally I don't feel there is a number greater than zero that can be acceptable. If you can't prove licensing for a single product, you owe it to yourself and the publisher who invested their time and resources into its creation to buy the product (and then keep better records).
Getting off my moral high horse I will point out that running even a single copy of software that you can't prove licensing for is a risk to you and your organization. As with any risk to your organization, your organizations risk assessment framework should address this topic for you. But remember - you can't manage what you don't know and you can't apply a risk assessment if you don't have the details!
What are your thoughts?
Subscribe to:
Posts (Atom)